This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
Security Fix(es) :
- It was discovered that the sudo noexec restriction could
have been bypassed if application run via sudo executed
system(), popen(), or wordexp() C library functions with
a user-supplied argument. A local user permitted to run
such application via sudo with noexec restriction could
use these flaws to execute arbitrary commands with
elevated privileges. (CVE-2016-7032, CVE-2016-7076)
These issues were discovered by Florian Weimer (Red Hat).
See also :
Update the affected sudo, sudo-debuginfo and / or sudo-devel packages.
Risk factor :
Medium / CVSS Base Score : 6.9